Windows XP SP3 omits "MS06-069" critical security update

Microsoft Tuesday confirmed that Windows XP SP3 (Service Pack 3) omits a critical security update issued by the company in November 2006. The company acknowledged the omission while attempting to clarify the impact XP SP3 has on existing installations of Flash Player, an add-on that Microsoft bundled with Windows XP when it first shipped in […]

Microsoft Tuesday confirmed that Windows XP SP3 (Service Pack 3) omits a critical security update issued by the company in November 2006. The company acknowledged the omission while attempting to clarify the impact XP SP3 has on existing installations of Flash Player, an add-on that Microsoft bundled with Windows XP when it first shipped in 2001. Microsoft has patched Flash Player in the past using Windows Update, notably with the security update MS06-069 it issued Nov. 14, 2006.

MS06-069, the AWOL update, patched five vulnerabilities in Adobe's Flash Player, and was rated "critical" by Microsoft, the company's highest threat ranking. Microsoft did not explain why the patch is missing from the service pack, which it has billed as including "all previously released updates."

Flash Player has made security news of late; last week, for example, researchers revealed that hackers were actively exploiting Flash Player 9.0.115.0, an edition released by Adobe in December 2007. On Monday, Computerworld reported that Windows XP SP3 shipped with that out-of-date and vulnerable version, rather than the newer and more secure Flash Player 9.0.124.0, which Adobe issued in early April, about two weeks before Microsoft wrapped up the service pack and began distributing it to OEMs.

Source:→ InfoWorld

About The Author

Deepak Gupta is a IT & Web Consultant. He is the founder and CEO of diTii.com & DIT Technologies, where he's engaged in providing Technology Consultancy, Design and Development of Desktop, Web and Mobile applications using various tools and softwares. Sign-up for the Email for daily updates. Google+ Profile.